Security of services, transactions and customer data

  • GRI:
  • Management of material topics (identified as material in the materiality matrix)3-3
    Management of material topics (identified as material in the materiality matrix)
  • Total number of justified complaints regarding breaches of customer privacy and data loss418-1
    Total number of justified complaints regarding breaches of customer privacy and data loss
  • GPW:
  • Data protection policyG-D1
    Data protection policy

Santander Bank Polska Group processes significant amounts of customers’ personal data and other confidential and sensitive information for the purpose of providing financial services. In 2023, the bank had 3,497,000 digital customers. We meet the highest national and EU standards for protecting data from cyber threats.

3,497K
digital customers

Our comprehensive IT security system is based on best practices and state-of-the-art technology solutions. Our information security management system is certified to ISO/IEC 27001:2013 and includes oversight of information security in Santander Bank Polska Group’s business environment and assessment of specific information security requirements and IT systems.

We monitor IT security regulations and technologies and adapt our systems to changing conditions on an ongoing basis. This enables us to continuously improve our internal transactional systems and the tools that our customers are willing to use on a daily basis.

We monitor compliance and complaints from external stakeholders. In 2023, the Santander Bank Polska Group received four legitimate complaints from third parties regarding breaches of customer privacy and no complaints from administrative authorities. We recorded 8 cases of data leaks (loss) in 2023.

How we took care of cyber security in 2023:

  • GRI:
  • Actions implemented to ensure cyber securityCustom indicator
    Actions implemented to ensure cyber security

We promote awareness of online financial security among customers and to the public at large. In 2023, we regularly published information on the most common cyber threat scenarios and tips on how to protect against them in Santander Bank Polska S.A.’s social media and online and mobile banking platforms.

These activities reached more than four million users, including – for the first time – also customers between the ages of 13 and 17. For those who use the Internet less often, we prepared a campaign dedicated to IT security conducted on the radio (5.5 million viewers) and television (5.7 million viewers). The Santander Bank Polska  S.A. brand ambassador Piotr Adamczyk became its face and voice. An animation displayed on TV screens promoting the 5 principles of cyber security is also a regular feature in the bank’s branch network.

In 2023, we also prepared training courses on cyber threats for Private Banking clients and senior citizens. In addition, in cooperation with the Warsaw Banking Institute, we organised an online event for primary and secondary school students, which was attended by more than six thousand people. The bank also participated in the Bakcyl programme, where cyber security issues were discussed during classes taught by volunteers.

Bank delegates were speakers at conferences, including the Woman in Tech Summit 2023 and The Hack Summit 2023.

At Santander Leasing S.A., we monitor the security of systems and applications and conduct periodic 'phishing’ tests and ethical hacking. Cyber security topics are also part of training for new employees.